Adam Roberts created FLINK-21546:
------------------------------------
Summary: Upgrade io.netty netty-codec in Flink (four findings)
Key: FLINK-21546
URL: https://issues.apache.org/jira/browse/FLINK-21546
Project: Flink
Issue Type: Bug
Reporter: Adam Roberts
Hi everyone, have been raising plenty of JIRAs after doing a Twistlock
container scan for Flink 1.11.3 and Hadoop 3.3.1 snapshot, for Flink itself (so
without using Hadoop) I've noticed the following libraries in use
(unfortunately I don't get a path where, but somewhere in Flink they must be,
or in a dependent jar?).
{{{"fixed in
4.1.46","packageName":"io.netty_netty-codec","packageVersion":"4.1.34.Final"}}}
{{{"fixed in
4.1.44","packageName":"io.netty_netty-codec","packageVersion":"4.1.34.Final"}}}
{{{"fixed in
4.1.44","packageName":"io.netty_netty-codec","packageVersion":"4.1.34.Final"}}}{{}}
{{{fixed in
4.1.42.Final","packageName":"io.netty_netty-codec","packageVersion":"4.1.34.Final"}}}
{{}}
https://issues.apache.org/jira/browse/HADOOP-17556 may be useful as well
Could we move up to Netty 4.1.46 (or something even newer?) across everything
Flink's using? Again, I apologise for not having the paths to figure out what
exactly is using it, but perhaps folks working directly with Flink may have a
clue? Thanks
{{}}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
